A Practical Approach for Model Checking C/C++11 Code

Published: 02 May 2016

Abstract

Writing low-level concurrent software has traditionally required intimate knowledge of the entire toolchain and has often involved coding in assembly. New language standards have extended C and C++ with support for low-level atomic operations and a weak memory model, enabling developers to write portable and efficient multithreaded code.

In this article, we present CDSChecker, a tool for exhaustively exploring the behaviors of concurrent code under the C/C++ memory model. We have used CDSChecker to exhaustively unit test concurrent data structure implementations and have discovered errors in a published implementation of a work-stealing queue and in a single-producer, single-consumer queue.


Published in

ACM Transactions on Programming Languages and Systems, Volume 38, Issue 3 (May 2016), 209 pages.
ISSN: 0164-0925
EISSN: 1558-4593
DOI: 10.1145/2914585

Copyright © 2016 ACM

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

  • Received: 1 May 2014
  • Revised: 1 March 2015
  • Accepted: 1 July 2015
  • Published: 2 May 2016

Qualifiers

  • research-article
  • Research
  • Refereed